Name: | http-parser |
---|---|
Version: | 2.7.1 |
Release: | 8.el7_7.2 |
Architecture: | x86_64 |
Group: | Unspecified |
Size: | 76560 |
License: | MIT |
RPM: | http-parser-2.7.1-8.el7_7.2.x86_64.rpm |
Source RPM: | http-parser-2.7.1-8.el7_7.2.src.rpm |
Build Date: | Thu Mar 05 2020 |
Build Host: | jenkins-10-147-72-125-43ff6ce1-34af-4e5f-9321-1f1c56291f59.appad2iad.osdevelopmeniad.oraclevcn.com |
Vendor: | Oracle America |
URL: | https://github.com/nodejs/http-parser |
Summary: | HTTP request/response parser for C |
Description: | This is a parser for HTTP messages written in C. It parses both requests and responses. The parser is designed to be used in performance HTTP applications. It does not make any syscalls nor allocations, it does not buffer data, it can be interrupted at anytime. Depending on your architecture, it only requires about 40 bytes of data per message stream (in a web server that is per connection). |
- Do not break ABI with CVE-2019-15605 fix
- Resolves: CVE-2019-15605 http-parser: nodejs: HTTP request smuggling using malformed Transfer-Encoding header
- Backport needed test fixes - Related: rhbz#1666024 - CVE-2018-7159 http-parser: nodejs: HTTP parser allowed for spaces inside Content-Length header values [rhel-7]
- Resolves: rhbz#1666024 - CVE-2018-7159 http-parser: nodejs: HTTP parser allowed for spaces inside Content-Length header values [rhel-7]
- Resolves: rhbz#1666381 - CVE-2018-12121 http-parser: nodejs: Denial of Service with large HTTP headers [rhel-7]
- Bump http-parser release number to avoid people pulling EPEL package instead of RHEL package Resolves: rhbz#1479471
- Import spec file and patches from latest fc25 package Resolves: rhbz#1393819